Re: [us...@httpd] nested Require group?
On 18.08.10 11:23, Andrew Schulman wrote: I have outer and inner directories that I want to protect with different Require groups directives: Directory /var/www/html Require group outer /Directory Directory /var/www/html/inner Require group inner /Directory My hope was that the inner Require directive would override the outer one, allowing me to protect the inner directory with the more restrictive inner group. Or equivalently, that the two Require group directives would be ANDed together. Instead, it appears that the two directives are being ORed together, resulting in a *less* restrictive policy for the inner directory - the opposite of what I wanted. Anyone in either the outer *or* the inner is allowed access to inner. There is no AND and no OR here. In the /var/www/html/inner only the Require group inner applies. Does this seem right? Does anyone know of a way to AND Require group directives? No. And note you must use different realms by specifying different AuthName directives, otherwise it may confuse browsers. The access privileges to the same realm (same AuthName) should be the same within whole realm. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. You have the right to remain silent. Anything you say will be misquoted, then used against you. - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
[us...@httpd] nested Require group?
I have outer and inner directories that I want to protect with different Require groups directives: Directory /var/www/html Require group outer /Directory Directory /var/www/html/inner Require group inner /Directory My hope was that the inner Require directive would override the outer one, allowing me to protect the inner directory with the more restrictive inner group. Or equivalently, that the two Require group directives would be ANDed together. Instead, it appears that the two directives are being ORed together, resulting in a *less* restrictive policy for the inner directory - the opposite of what I wanted. Anyone in either the outer *or* the inner is allowed access to inner. Does this seem right? Does anyone know of a way to AND Require group directives? The Apache documentation says that when multiple groups are put on the same Require group line, e.g. Require group outer inner then the user has to belong to only one of the listed groups, i.e. the groups are ORed. However, it says nothing at all AFAICT about what happens when you use multiple Require group statements. One might infer that those are also ORed, and that seems to be what happens... but the documentation doesn't say. Thanks, Andrew - The official User-To-User support forum of the Apache HTTP Server Project. See URL:http://httpd.apache.org/userslist.html for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org